Could we add a custom python script on our Splunk server and have it executed from a client using the Splunk REST API?
Are you looking for something like this
https://wiki.splunk.com/Community:40GUIDevelopment
SOLVED for similar case
"Error when I run custom Python script from one server to another sever using cURL (Search Factory: Unknown search command)"
Yes you can do that. One of the way is Modular Inputs.
Yes! One way to do this is with a custom search command. Let's say your python script is called "testscript". You could rewrite as (or call it from) a Python script that Splunk recognizes as a custom search command, and then you could execute it as a Splunk search like this: "| testscript". Then you could call that search (adding arguments as needed) using the Splunk REST API.
Here's a link that explains how to create custom search commands: http://dev.splunk.com/view/python-sdk/SP-CAAAEU2
Here's the basic documentation on running a search from Python using Splunk's REST API: http://dev.splunk.com/view/python-sdk/SP-CAAAEE5
Guys,
why this does not work from a Linux myServer2?
curl -k -u 'myUser:myPwd' https://myServer1:8089/services/search/jobs/export -d search=" | makeresults | myScript " -d output_mode=csv
But OK for search = " | makeresults | eval myVal=777 "
Again. So poor support here...